Î÷ÃÅ×ÓSICAM_230ÑÏÖØÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-02-15

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-3989£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ4.3£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-3990£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ9.3£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-3991£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ9.3£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


SICAM 230£º7.20¼°Ö®Ç°ËùÓа汾


Îó²î¸ÅÊö


SICAM 230ÊÇÒ»¸ö¿ÉÀ©Õ¹µÄÀú³Ì¿ØÖÆϵͳ£¬£¬ÊÊÓÃÓÚÆÕ±éµÄϵͳӦÓóÌÐò£¬£¬¿ÉÒÔ´Ó¼¯³ÉµÄÄÜԴϵͳÖÐʹÓᣡ£¡£ÓÃÓÚÖÇÄܵçÍøÓ¦Óõļà¿Øϵͳ¡£¡£¡£


CVE-2018-3989£ºÌØÖƵÄIRP£¨I / OÇëÇó°ü£©¿ÉÒÔµ¼ÖÂÇý¶¯³ÌÐò£¬£¬·µ»Øδ³õʼ»¯µÄÄڴ棬£¬µ¼ÖÂÄÚºËÄÚ´æй¶¡£¡£¡£


CVE-2018-3990£ºÌØÖƵÄIRP£¨I / OÇëÇó°ü£©¿ÉÄܻᵼÖ»º³åÇøÒç³ö£¬£¬µ¼ÖÂÄÚºËÄÚ´æË𻵣¬£¬ÌØȨÉý¼¶¡£¡£¡£


CVE-2018-3991£º·¢Ë͵½¶Ë¿Ú22347 / tcpµÄÌØÖÆTCPÊý¾Ý°ü¿ÉÄܵ¼Ö¶ÑÒç³ö£¬£¬¿ÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC¡¢EXP¡£¡£¡£


ÐÞ¸´½¨Òé


ÓйØÎ÷ÃÅ×Ó²úÆ·Ï¢Õù¾ö¼Æ»®£¬£¬plRights Management£¨DRM£©½â¾ö¼Æ»®ÖÐÇå¾²Îó²îµÄ½øÒ»²½×Éѯ£¬£¬ÕâЩ½â¾ö¼Æ»®»áÓ°ÏìSICAM 230Àú³Ì¿ØÖÆϵͳ¡£¡£¡£


Î÷ÃÅ×Ó½¨ÒéÓû§½«¸üÐÂÓ¦ÓÃÓÚWIBU SYSTEMS AGÌṩµÄWibuKeyÊý×Ö°æȨÖÎÀí£¨DRM£©¡£¡£¡£ÇëÁªÏµSiemens ProductCERT£º

https://www.siemens.com/cert/advisories


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-043-03

https://cert-portal.siemens.com/productcert/txt/ssa-760124.txt